In a previous post, I described how to describe puppet environments, roles, and profiles, as modules and how to use r10k and librarian-puppet to deploy them.

One possible problem with deploying to the puppet environment directory directly is that the librarian-puppet run can take some time and there is a possibility that puppet may attempt to compile a catalogue in an incomplete or inconsistent environment. One way to overcome this is to deploy the environments into a new directory, create a symlink, and move the symlink atomically into place.

This would look something like this:

cd /etc/puppet/envs
# create a new dir under /etc/puppet/envs - I use a timestamp in the name so I know when it was created
NEW_ENV_DIR=$(mktemp --directory envs.$(date -Isec).XXX")
cd /etc/puppet
# use r10k deploy the environments into the new dir
PUPPETFILE_DIR="envs/${NEW_ENV_DIR}" r10k puppetfile install
# loop over all the environments and use librarian-puppet to deploy all the roles/profiles/modules
while read env ; do
  pushd $env
  LIBRARIAN_PUPPET_PATH=modules librarian-puppet install --no-use-v1-api --strip-dot-git
  popd
done < <(find "/etc/puppet/envs/${NEW_ENV_DIR}" -maxdepth 1 -mindepth 1 -type d)
ln -s /etc/puppet/envs/${NEW_ENV_DIR} /etc/puppet/envs/environments
mv /etc/puppet/envs/environments /etc/puppet

I have written a script that does all of this in a more robust way and also uses parallel to speed up the deployment process.

The script and the role and profile modules references in my previous article are in this github repo.

One thought on “Atomic Deployment of Puppet environments

Leave a reply

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> 

required